Expert threat detection, investigation, and hunting








Organizations are increasingly facing stealthy targeted attacks, designed to bypass existing
security defenses. These attacks can monetize stolen intellectual property, encrypt essential
data for ransom, or damage the flow of information in the case of nation state attacks.
Advanced threat detection tools, such as extended detection and response (XDR), are
effective methods for identifying and responding to attacker behavior. However, even with
the right solution, security teams still struggle with constrained resources. They can gain
tremendous value by leveraging a service to augment detection capabilities, add threat
expertise/intelligence, and ensure proactive threat hunting and regular sweeping for
indicators of compromise (IoCs).

Trend Micro is the only vendor that can use its native security stack to offer an integrated
managed service across email, endpoints, servers, cloud workloads, and networks. Our
managed detection and response service, Trend Micro™ Managed XDR, drives unparalleled
improvements in security teams’ time-to-detect and time-to-respond, while minimizing the
risks and impact of threats.

Managed XDR gives you:

24/7 monitoring and detection

* Continuous alert monitoring, correlation, and prioritization using automation and analytics.
* Proactive sweeping of email, endpoints, servers, cloud workloads, and networks.

Rapid investigation and mitigation

* Comprehensive analysis and detailed response plan with remote response actions
through Trend Micro solutions.

Expert threat identification and hunting

* Uncovering of complex targeted threats using cutting-edge techniques, with
enrichment by threat experts leveraging deep threat intelligence.

KEY FEATURES


Multiple Vectors 


Customers can choose to monitor email, endpoints, servers, cloud workloads, and/or 
network security solutions: 


* Email protected by Trend Micro™ Cloud App Security for Microsoft Office 365™ or Google G Suite™.

* Endpoints with Trend Micro Apex One™ multi-layered endpoint security.

* Servers and cloud workloads protected by Trend Micro™ Deep Security™ Software or Trend Micro
Cloud One™ - Workload Security (virtual, physical, cloud, and containers).

* Networks equipped with Trend Micro™ Deep Discovery™ Inspector, providing advanced network
detection across over 100 protocols and all network ports.





Detection 


* 24/7 alert monitoring, correlation, and prioritization—using automation and analytics—quickly distills 
alerts down to the events which need further investigation. 


* Continuously sweeps customer environments for newly identified indicators of compromise (IoCs) or
indicators of attack (IoAs), including those discovered in other customer environments or shared via
US-CERT or other third-party disclosures that Trend Micro receives.





* Service capitalizes on Trend Micro product differentiators and ensures customers get the most out 
of their solutions’ detection capabilities. 


* The managed detection and response (MDR) service is the first user of any new detection
techniques being developed for Trend Micro solutions, so Managed XDR customers benefit
first from the latest technologies.
Investigation


* Trend Micro experts create a full picture of the attack across 
the entire enterprise by generating root cause analysis to show 
the attack vector, dwell time, spread, and impact of the attack. 


* Analysts are able to synthesize data to derive insights while
leveraging Trend Micro™ Smart Protection Network™, as well
as threat researchers across 15 global threat research centers,
who have a deep collective knowledge of threat techniques
and actors.





* Customers can work directly with Trend Micro security analysts 
during the investigation and response process. 


Response 


* Product response options are initiated to contain threats and
automatically generate IoCs to prevent future attacks.


* Service provides a step-by-step response plan on actions 
needed to remediate and, as applicable, custom clean-up tools 
to help recover from the threat. 





* Continually sweeps the enterprise to ensure the customer's 
environment remains clear of any resurgence of the threat. 


HOW IT WORKS

[Figure: Security Layer Options; Analytics and Automation; Machine Learning; Threat Intelligence; Threat Tools and Services]

Security Layer Options

ENDPOINT
+ Trend Micro Apex One™ with XDR
+ Third-party anti-malware with XDR

SERVER AND CLOUD WORKLOADS
+ Trend Micro Cloud One™ - Workload Security with XDR
+ Trend Micro™ Deep Security™ Software with XDR
+ Third-party anti-malware with XDR

NETWORK
+ Trend Micro™ Deep Discovery™ Inspector with XDR

EMAIL
+ Trend Micro™ Cloud App Security with XDR

Reports 


* For investigated customer threat alerts, Trend Micro reports
information through incident cases which contain details of
the threat, including affected hosts, IoCs, and recommended
mitigation options—wherever possible.

* Trend Micro also provides monthly reports to summarize case
activity from the preceding month. All cases and reports are
published to the Trend Micro Customer Success Portal and
are emailed to desired recipients through the standard case
support system.


Service reviews 


* Trend Micro provides an opportunity for a formal service
performance review at least once per quarter. This review
examines service performance, significant events and
incidents, faults and cases, change requests and execution,
along with recommendations.


Service Components and Deliverables 


MONITORING AND DETECTION

ANALYSIS AND INVESTIGATION

Our Managed XDR service benefits from the customers’ use of Trend Micro Vision One™, an extended detection and response
(XDR) cyber defense center. By leveraging the solution's XDR data lake and analytical capabilities, the service offers added
efficiencies around correlated detection and integrated detection and response.
[Table columns: SERVER AND CLOUD WORKLOAD, ENDPOINT, NETWORK]

Detection

* 24/7 critical alerting and monitoring: Managed XDR team continually monitors the logs for new critical alerts,
investigates via automated or manual means, and delivers details on the threat. You can decline the escalation path
for the Managed XDR team based on the critical assets and other criteria.

* IoC sweeping: Managed XDR team will sweep your environment's metadata stores for newly identified IoCs,
including those shared via US-CERT and other third-party disclosures that Trend Micro receives.

Investigation

* Root cause analysis (RCA): Using data, the Managed XDR team will generate a root-cause analysis, which shows
the attack vector (email, USB, web, etc.), downtime, and the spread and impact of the attack.

* Incident prioritization: Using threat knowledge and customer shared environment data, the Managed XDR team
will help to prioritize alerts or threats. The team escalates threats to specific high-value hosts as requested by customer.

* Analysis: Any new threat/IoC in a customer's environment is checked against the metadata stores to assess if the
file is on any other protected system and if other systems may be compromised.

* Suspicious user activity tracking: Customers can investigate unusual user account activity potentially signifying
a compromised account, such as spamming, where there is a sudden and large volume of outbound emails.

* On-demand aggressive testing*: Customers can request an aggressive endpoint scan, which uses the latest intel to
scan for potential threats.

Response

* Access to Managed XDR analysts: Customers can speak to Managed XDR security analysts for further details
or clarification.

* Threat response: Managed XDR team will provide applicable product response options and customer clean-up
tools to help with threat recovery.

* Executive summary report - monthly: Managed XDR team provides a monthly executive summary outlining the
services provided over the specific time period, including IoC sweeps completed, alerts handled, etc.




















* NOT applicable for customers using third-party anti-malware solution instead of Trend Micro Apex One 










